package com.cjx.myself.controller.sql;

import com.cjx.myself.service.sql.SqlService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import java.util.List;
import java.util.Map;

/**
 * @description:
 * SQL注入 - JDBC注入
 * 审计的函数
 *  1. executeQuery
 *  2. prepareStatement
 *  3. queryForMap
 *  4. query
 * @author chujianxin
 * @date 2024/1/3 20:21
 * @version 1.0
 */

@Controller
@RequestMapping("/sql")
public class SqlController {

    @Autowired
    private SqlService sqlService;

    @GetMapping("/sql1")
    @ResponseBody
    public List<Map> sqlTest(@RequestParam("sqlArg") String sqlArg){
        return sqlService.sql1(sqlArg);
    }

}
